Thank you, Father, for that kind introduction. Thanks to you and to Fordham for making
this possible. This has become one of the most important gatherings of ^pte wtoTam Siom

andra?StsTo yo'ufg'noZ " 


saying— I’m glad you mentioned it— my heart is still heavy from 
notin^that "" ^ ^ this great city without 


Echoing in my head are words from Bill Bratton at Detective Ramos’ funeral where he urged
that we all find ways to see each other better. That law enforcement work to see tL

SttlT^A '*w communities work to see law enforcement 

S where til morrnff''®'^' especially given the events of the last day or
so where two more officers were wounded, I hope that part of that seeing involves an
appreciation for just what policing involves. How hard it is. How dangerous it is. But I think
conversation going on in this country right now about race and policing and
I hope to have more to say about that in the next couple of weeks.

today to talk about cyber. Before I get to that, let me also say that my heart goes
out to the people of France and Paris this morning. We’re thinking of them. We have the FBI a
roSIm ?nf- partners in the French law enforcement a^dcoun^^^^^^
communities. We are working with them. We will do everything we can to help them bring to
justice the perpetrators of the atrocity that happened in Paris earlier today. So we’re Siio of
our friends and partners in Paris this morning.

1° ' 's to talk to you about how we at the FBI are 

thinking about cyber security and the cyber threat. I want to talk a little bit about some of the 

to give you some new information about the investigation that 
we’re doing into the Sony hack perpetrated by the North Koreans.

by telling you what you know, which is that everything has changed in ways that are
so fundamental that it’s difficult to describe what it means when we say the world is changing
not a^nf that in all things cyber there’s a lot of nodding and I worry there’s
not a lot of understanding behind the nodding at times. And so I always look for ways to
describe just how fundamental the transformation we’re standing in the middle of is.
persoa As a father of five young adults a
exceeded4he''6!5:TTuhto;V^Yl;cartp^ 

th^ /iSirni^ doubt that everything has changed because we’ve connected our entire lives to 
the Internet. That is why, because all of life is there, that all of the parts of life that the FBI is
responsible for trying to protect— whether it’s criminal, counterintelligence, counterterrorism,
protecting children, fighting fraud— it all happens there because that’s where life is.

What I want to tell you this morning, now afternoon, is how we’re thinking about the threat, what
our strategy is for the threat, addressing the threat, and why our partners in the private sector 
matter so much to us being successful in fighting the threats we’re responsible for. 

describe to people in very simple ways what we’re 

my children play on the Internet. Because that’s where I bank. Because that’s where my health 
^re ^cause thafs.^ don't have a social life, but if I had one, that's where I'm sure it would
onnTS where our nation’s critical infrastructure is, that’s where our government’s secrets are
f because life is there, that’s where bad people come who want to hurt children, who 
want to steal money, who want to take identities, who want to steal secrets, who want to 
damage dams and critical infrastructure in the United States. It’s the way they come at us 
because that’s where life is. 

S'"®®* vector change that gave birth to the FBI. And this 
popped in my head when I was visiting the field office that we have in Indianapolis. A local
sheriff gave me a round that had been fired from John Dillinger’s Thompson submachine gun. It
occurred to me that the great vector change of the 1920s into the 1930s was the confluence of
the automobile and asphalt. It gave birth to an entirely new way of doing bad things. 

Hn,fnh?D" hti? breathtaking speeds, right? Forty miles an hour. Fifty 

downhill. Right? They could go from Ohio to Indiana to Illinois in the same day and do bank 

r" locations. They were blowing away traditional notions of county line 

and state line. Right? It was straining the framework that law enforcement used and so a^ 

of hTfr? director-there was the first director 

of the FBI, J. Edgar Hoover. And a national force was born to respond to that entirely new way
of crimes being committed. A new vector that required a new approach.

III H Bonnie and Clyde could not do a thousand robberies in

foHo? ■!? ! Jf pajamas from Belarus. That’s the challenge we face

today. The traditional notions of space and time and venue and border and my jurisdiction and 

but at 186,000 miles per second. The speed of light. ^vviimih. 

If ai"® destroyed by that kind of threat. That requires every part of 

the FBI, those who are spending their days protecting kids, fighting fraud, fighting spies, fighting

f nfliKf-’t intellectual property, all of those things; it requires those people to be 

^ '’®^';y'®® '^® have the right kind of people, the right kind of equipment and 
otlfingerira ^ ^ ^ '® boQgl'ng compared to the 
So what to do? Let me turn to our strategy. The first thing to do though is adopt an attitude of
humility. I think we stand in the single greatest transformation in human history and anybody 
who stands here and says, “I know what five years from now looks like, I know what 10 years 
from now looks like, and therefore the FBI should be deployed and equipped in the following 
way,” is arrogant and, in my view, foolish. 

I have to approach this with a sense that we have never seen this before. So I have to be 
humble enough to say, I’ll take things that seem reasonable. I’ll get feedback, and I’ll iterate. So
we approach it, I hope, with humility. 

And then we devise a five-point strategy. We’re going to try to focus ourselves, we’re going to 
try to shrink the world, we’re going to try to impose real costs on bad actors, we’re going to try to 
improve our relationships with state and local law enforcement and most importantly of all, we’re
going to try to improve our relationship, our battle rhythm, our working relationship with private 
sector partners. 

Let me say a word about what I mean by each of those. 

Focus. Because this affects everything that we might be inclined to deal with, we can’t do it all. 
And so what we’re trying to do in the FBI is figure out so where should our resources be 
deployed. And we think it makes sense to go against the biggest. The worst. The baddest. And 
think about what to go after given what’s unique about the FBI. We have international reach and 
we have significant resources. So given that, what should we focus on? And there’s a lot to 
choose from as you know. 

I have been teased repeatedly, but I’m not giving up describing the threat we face as an evil 
layer cake with nation states at the top... terrorists, organized criminal actors, sophisticated 
worldwide botherders and botnets, hacktivists, weirdoes, bullies, pedophiles, creeps... all kinds 
of people at the lower levels of the layer cake. 

We’re going to try to focus on the top layers of that cake and focus ourselves on the nation state
actors and the biggest, the most extensive, the most dangerous criminal syndicates and 
international operations. Where can we make the biggest impact for the investment of 
resources? 

We’re also, as we focus those resources, going to try to deploy them in a different way. As I 
said, this vector change blows away traditional notions of, well, this is my area of responsibility, 
this is your area of responsibility. This is my judicial district, that’s your judicial district. Blown 
away by a threat that’s moving as a photon. 

And so we’re going to assign this work not based on some notion of physical fixed jurisdiction or 
venue. We’re going to assign it where the talent is. So what we’re doing is looking across the 
FBI and saying, “Where is the talent to deal with this particular threat?” And we will assign that 
threat to that field office. It could be at one corner of the country or the other corner of the 
country. It’s where the talent is. And then we’ll allow up to four other offices to support that
effort, to help the primary assigned office. We call this the cyber threat team model. Seems to 
make good sense to me. I don’t know. We’ve never done it before. We’re trying it and we’re 
getting feedback from people to see whether it works and whether we need to iterate and 
change in some fashion. 
Second, shrink the world. What do I mean by that? The bad guys have shrunk the world on us.

They’re sitting in their pajamas halfway around the world. They’re in a military uniform halfway
around the world moving at the speed of light. Blowing away the traditional notions. Shrinking 
the globe to the point of the pin. We have to do the same. 

So we’re trying to do a couple different things to respond to that. We’re going to forward-deploy 
more and more cyber special agents of the FBI and intelligence analysts of the FBI in our 
foreign partners’ offices around the world to make sure that our battle rhythm tries to keep up 
with the threat that’s moving that fast. To forward deploy so we have no gap between when the
threat is seen and when someone acts on it. 


And the second thing we’re going to do is, within the government, try to continue to improve at 
getting our act together at dividing up our resources between organizations in the government. 

As I’ve said before, when I left government in 2005, I described our response to the cyber threat
as a bit like 4-year-old soccer. I have five children as I think I said, and I watched a lot of 4-year- 
old soccer and it is clumps of children chasing the ball. Because the ball is the cool thing so you 
want to be near the ball at all times so in big clumps they chase the ball. Cyber was very cool. 

All of us in government knew we had to do something about cyber, so there was a big clump of
us running around chasing it.

Now that I’ve come back— I’ve been back a year and four months now. I saw when I came back
we’ve made significant progress. We’re probably high school, college-level soccer. We spread
out. We know we have to pass. We know it’s important to know where you are on the field.
Everybody shouldn’t be following the ball. But we’re facing a World Cup-level adversary. We
have to get better at feeding each other the ball when we need it and doing it at machine speed.

We have built as a government something called the National Cyber Joint Investigative Task 
Force, NCIJTF, where 19 federal agencies sit together and divide up the work. See the threat,
see the challenge, divide it up and share information. That’s great. That’s one significant down 
payment on moving toward World Cup-level soccer, but we have more to do. 

I said we need to impose costs. What do I mean by that? I worry sometimes that whether the 
actor is a nation state or a criminal or a creep down the block, there’s a sense that it’s a freebie.
That if I’m at a keyboard somehow it’s free that I can break in and steal the lifeblood of an
American business or steal the identity of an American citizen when it is in reality no different
than kicking in your front door and walking out with your television, right? Or dragging
something you love dearly out of your life. 


We have to treat it that way. We have to impose real costs on people who think they’re
alone... think they’re far enough away that it’s a freebie. And the first way we need to do that is
nA/ M lay hands on people and lock them up. Often when I say that people say,
“Well, these people are far away and they’re in foreign countries.” I’m not saying it’s easy, but
we are dogged people. Never say never. 


As the world shrinks and people travel, we have more and more opportunities to lay hands on 
people who think they perpetrated a freebie in an effort to make it a real cost. So we’re going to 
try to lay hands on people or get our partners to lay hands on people as often as possible.
The other thing we’re going to do is when we can’t lay hands on people, as often as possible
we’re going to call out the conduct. And as often as we possibly can we’re going to say here’s

adore ft '"'‘'<*"8 the five People’s Liberation Army 

actors for a naked theft of the lifeblood of American companies. I thought it was very, very

important to have that be a public indictment and explain the conduct. 

For the same reason, I thought it was very, very important that we as a government, we as an

that cond.'Trt TT '^i ° •'^cked Sony. And call out 

attrib^rtrn^^flnd th *0 off®'' our 

attribution and the whys behind our attribution. 

Ji!iH f everyone has to take cyber security seriously. It

Mol ^ ^ Department’s recent sanctions against 

S^s^AlSht?^faf^h® important signal of how seriously the government takes these 

harm ^ A consequences for those who use malicious cyber activity to 

harm Americans or harm American businesses.

fhP^a ^^® ®"*''’® intelligence community have previously attributed

th^ i?fp ?haH i! Korea and we continue to believe that is the case. There is not much in

dopitfl^f ^ confidence about. I have very high confidence about this attribution as 

does the entire intelligence community. at, 

Korea? ' ^®''® Confidence in this attribution to North 

Korea? Well, here’s the tricky part. I want to show you as much as I can the American people

we°sil a®nd Wha?"^ ' r “”'® O^aJ? biw 

Tnd our sourcef ®®®''®® '"^PP®" ®9®'" '«'® ^ave to preserve our methods 

thP^dttrHoi '^®’''® ^''■®®^y right? You know that the technical analysis of 

North Ko?f *'°'^ malware from the attack shows clear links to other malware that we know the 

cXer aSSIha^frirNorth J''® *^® ‘'°'® s'^i'larities to a 

We’ve done a— I have, as you may know from watching “Silence of the Lambs,” people who sit
at Quantico...very dark jobs. Their job is trying to understand the minds of bad actors t!S^
our behavioral analysis unit. We put them to work studying the statements, the writings, the
rom°" ^^® so-called Guardians of Peace in this attack wJ"

Islsxl same aSom ^®''® ^°"® ®®y’ 

)!y® ® ^®'^ ®" the intelligence community and said “Let’s hack at 

we explanations might there be? What might

Wh^S wp^^m hypothesis might there be? Evaluate possible alternatives. 

What might we be missing? And we end up in the same place. 
the newspaper and I’ve seen it on the news, that some
serious folks have suggested that we have it wrong. I would suggest— I’m not suggesting. I’m 

S'i' I see, but there are a couple things 
that I have urged the intelligence community to declassify that I want to tell you right now.

The Guardians of Peace would send e-mails threatening Sony employees and would post 
online various statements explaining their work. In nearly every case they used proxy servers to
disguise where they were coming from in sending those e-mails and in posting those
statements.

^ got sloppy. Several times, either because they forgot or because they 
Ih« problem, they connected directly and we could see them. And we could see that 

the IP addresses that were being used to post and to send the e-mails were coming IPs that 
were exclusively used by the North Koreans.

Jiilj'®® ® haven’t told you about before that was a very clear indication 

f very quickly once they realized the mistake, but not 
before we saw them and knew where it was coming from. 

As I said, we have a range of other sources and methods that I’m going to continue to protect 
because we think they’re critical to our ability-the entire intelligence community’s ability-to 

understand this attack better. We have brought them all to bear in this 
started— not with just high confidence, but very high confidence 

that the North Koreans perpetrated this attack. 

We’re still looking to identify the vector. How did they get into Sony? We see so far spear 
that anH at Sony in September— as late as September of this year. We’re still working 

the liken^^for i°„to Sony'° 

nartH®"* ^^®y reached out to the FBI and have been a great 

“'"'e attack, and 

calling out bad 

conduct, has to be part of the FBI strategy, and it will be. 

helping our state and local partners deal with the threat 

rT®* fuT® »’® resources and time to get to are appearing 

for the county sheriffs, the local police departments, the local DAs. 

saying, “I was ripped off. Somebody sent me an e-mail saying the FBI director
needs me to wire this money to Nigeria and I wired it. And so I need help.” 

I don’t want anyone within the sound of my voice— I never want you to wire money to me 
anywhere on the earth.
We need to equip our state and local partners to be able to be digitally literate and to conduct
their investigations in responding to the same threats coming through the vector that is cyber

Vt nnn 21? 1? Service to offer training to the 

Hil? M * and local law enforcement organizations in this country to equip their people to be 
digitally literate. A ton of work going on there. Lots more needs to be done. 

And then last, the fifth part of the strategy is the importance of increasing our cooperation and 
improving our cooperation with our private partners. Let me say why this matters so much. I 
think you get this. All of it is in your world, private sector partners. Invariably, that’s where the
victims are. That’s where the information is that we need in order to be able to respond to
actions by nation states, by terrorists, by hacktivists, by all-the entire layer cake manifests itself 
on your networks and on your systems. If we can’t find a way to effectively share that 
information to those of us with the enforcement powers, we’re sunk. 

You also see things. You have tremendous brains in the private sector. You see things. You
think of things that could be tremendously useful to us. We have to find ways, productive ways,
to get the content of your brain into the government. 

Without effective sharing, I’m a bit like a police officer patrolling a street with 50-foot high walls 

'il'ir ®*'”®®^- ' *®" looks fine. The little piece of the 

world that can see clearly, it looks clean to me. If I can’t see through that 50-foot wall into that 
neighborhood, I have no ability to help make it safe or to even tell you what’s going on there.

We have to find a way to make those walls in some fashion at least semi-permeable so we can 
share information. 

This is not easy. I know some of the frustration on the private sector side. As I have said, I was
the general counsel of two companies before coming back to government, and I’ve been in lots 

*'*^® doesn’t the government tell us something?” Right? 

What are they going to do with what we tell them? What if it leaks? What if it gets used against 
us in a competition? What if we get accused of lying to somebody? What if we get sued? What 

going to think? What’s the board going to think? Why can’t the government 
tell us things that we can actually do something about?” 

I understand some of the challenges that lay there right now. I think we need clearer rules for 
the private sector... to offer clear rules of the road for what will happen to what you share and 
what we need you to share. Right? We need better technology. Be able to share information 
more effectively and more quickly. You need protection. You need guidance. I need

We have made significant progress in a lot of the different parts of the American economy in 
sharing, but there are a bunch of impediments that remain. Mechanical, I mentioned. Legal, I
mentioned. And then there’s one that’s harder to describe, but feels very real to me, and that is 
In the wake of Mr. Snowden’s so-called revelations, there’s a wind blowing that I worry has

skepticism of government power— I think everybody should be skeptical 
Lhinri ^ so that people don’t want to be with us anymore. Meet us out 

ove mv wear a bag 

somin h^H f government. Because there is this wind blowing that there’s 

thJI2!!^Ihaf wi*^H touching the United States Government. We have to build even though 
there’s that wind. We’ve got to do our best to speak into that wind to try to explain how we’re

Mrh nthlf w?h government. But we simply cannot fight this threat without talking to 

each other. Without building effective bridges despite the wind that’s blowing. 

So that’s our strategy. Focus ourselves, shrink the world, impose real costs, get better at 

of oil, get better at cooperating 

with our private sector partners.


Before I leave you though I want to mention something that I know Cy Vance mentioned today
because he’s been a leader on this— the problem of what we call Going Dark.


nSSrin 1’ i"^P°rtant to us in law enforcement. Especially in law enforcement. We are 

shS « to 

government in 2005, there was a significant Going Dark problem with data in motion.
We were increasingly finding ourselves in a place where we went to a judge, we got a court 

°f blinking off to my periphery in 2005. When I came back in 2013 it’s 

hindmrif Lnw h because of the proliferation of communication modes, right? The 
hundreds and hundreds of apps through which people communicate. We’re making it

increasingly difficult for us with lawful authority, especially in our criminal work, to be able to 
with SErt approvT"''^^^'°"^ criminals, of bad people of all sorts 


But there’s another dimension to it that made it blink even more brightly— directly in front of me.
Not just the data motion. Increasingly what we’re finding ourselves up against is data at rest that

this is everywhere in law enforcement. lu. mho

There used to be a day in the good old days of law enforcement, you get a search warrant, you
enter a drug location and the knuckleheads would have written down in one of those black
composition books who got what and how many kilos there were and you take the book and you
would photocopy it and give it to the prosecutor and you would be good to go. Now we

Sr. LI f " laptop, a tablet...and increasingly we’re encountering

devices that we cannot get access to even with lawful authority. To me, this is not about the 
government wanting to whack people’s privacy. I’m a big fan of privacy. I don’t want the 
government, without lawful authority, going through anything of mine. 
This, though, is about us drifting to a place where there will be zones beyond the reach of the

Amendment is one of the most important parts of the entire
democracy because the government may not search and seize the people’s papers and effects 

oaoers and^Srt.,^''* now we’re drifting to a place that, even with a warrant, will be
papers and effects even with court authority, that are beyond the reach of the law. Maybe we

S nlS/an that’s where we want to end up as a democracy. Maybe people decide 

^ important. But I don’t think we’re talking about it enough. I don’t think we’re 

thinking about, “So what are the trade-offs involved there?" 

My job, I don’t believe, is to tell people what to do. I mean, in a democracy the people should

hPrl^r *'^®'’® ®^® significant public safety implications

here and let’s talk about it before we get to the place that Cy Vance talks about. Where people

y can t • This little girl has disappeared. What do you mean you can’t tell me who she was 

Taei to wh'^fd" disappeared? You’ve got the phone. You’ve got a court order.” Before
we get to “what do you mean you can’t,” I think we’ve got to talk about it as a people.

that vo?.°npl‘ihr’ ^or b^ng here. Just that you’re attending this conference is a sign 

we’re challenge we face that cyber has truly changed everything 

T ^ especially to those of you in the private sector for making us

skln^Si nf^ pushing us for asking hard questions. I meant it when I said people should be 
skeptical of government. Ask hard questions. We will learn from your questions. 

most of^aM to do so much harm to you. And 

most of all, thank you for the work that I think we will do together in a lawful, appropriate way to
protect the American people. Thanks for listening.


### 